Cryptology ePrint Archive: Report 2012/553

Bellcore attack in practice

Andrey Sidorenko and Joachim van den Berg and Remko Foekema and Michiel Grashuis and Jaap de Vos

Abstract: In this paper we analyze practical aspects of the differential fault attack on RSA published by Boneh, Demillo and Lipton from Bellcore. We focus on the CRT variant, which requires only one faulty signature to be entirely broken provided that no DFA countermeasures are in use. Usually the easiest approach for the attacker is to introduce a fault in one of the two RSA-CRT exponentiations. These are time-consuming and often clearly visible in the power profiles. However, protection of the exponentiations against faults does not always circumvent the Bellcore attack. Our goal is to investigate and classify other possible targets of the attack.

Category / Keywords: public-key cryptography / Bellcore attack, DFA, light manipulation, perturbation attacks

Date: received 24 Sep 2012

Contact author: sidorenko at brightsight com

Available format(s): PDF | BibTeX Citation

Version: 20120927:133826 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]